Hillsborough Schools Computer Network Shut Down by Cyber Attack
Due to the Nature of The Attack, Schools Were Closed and Classes Are Being Conducted Online.
On Monday, a cyber attack shut down New Jersey Hillsborough Schools’ entire township system. Local and federal authorities are working to track down the source and see if any damage has been caused to the computer network which is utilized by thousands of students, teachers, and support staff daily.
Image Source: Hillsborough Board of Education
As a result, all schools were closed Monday and the Board of Education meeting was canceled and rescheduled. At the moment, classes are being conducted online, with staff and students using their remote devices.
In an email to parents, Hillsborough Superintendent of Schools Lisa Antunes said
Several hours ago, our technology department was alerted to a possible cyber attack. Law enforcement, including the FBI recommended shutting our systems down so that we may be able to ascertain the depth of the attack. (…) Our technology team continues to work methodically with cybersecurity experts and law enforcement to establish a timetable for the completion of the restoration of the operation of our systems. This is an overwhelmingly complicated task with many moving parts.
The superintendent said Chromebooks given to students were not affected by the attack and students could use them. She also said that while staff email was not affected, voicemail was not working Monday.
Last month, the Conti ransomware gang encrypted the systems at Broward County Public Schools in Florida and threatened to release sensitive personal data of students and staff unless the district paid an enormous $40 million ransom.
After weeks of negotiations, the hackers eventually lowered the offer to $10 million. Under district policy, that amount is the maximum it can pay without school board approval.
The Fort Lauderdale-based district said it is working with cybersecurity experts “to investigate the incident and remediate affected systems.” The district did offer to pay $500,000, at which point the ransomware criminals apparently ended negotiations.
According to the K-12 Cybersecurity Resource Center and the K12 Security Information Exchange report,
2020 saw a record-breaking number of publicly-disclosed school cyber incidents. Moreover, many of these incidents were significant: resulting in school closures, millions of dollars of stolen taxpayer dollars, and student data breaches directly linked to identity theft and credit fraud.
The report mentions 408 publicly-disclosed school incidents, including student and staff data breaches, ransomware and other malware outbreaks, phishing attacks and other social engineering scams, denial-of-service attacks, and a wide variety of other incidents.